REMARKS /ARGUMENTS 

This Amendment is submitted in response to the final 
Office Action dated October 30, 2008. 

I . Introduction 

Claims 1-32 are pending in the application. Claim 1 has 
been amended to improve the claim wording. No new matter has 
been added. 

Claims 2, 4-6, 10-12, 18, 19, 22-24, 28, and 29 stand 
allowed. Applicant thanks the Examiner for this finding of 
allowability . 

Claims 1, 3, 7-9, 14-17, and 31 stand rejected under 35 
U.S.C. 102(e) as being anticipated by U.S. Patent Publication 
No. 20040039938 to Katz et al . (hereinafter "the Katz et al . 
publication" ) . 

Claims 13 and 32 stand rejected under 35 U.S.C. 103(a) 
as being unpatentable over the Katz et al . publication in 
view of Patent Publication No. 20020112073 to MeLampy et al . 
(hereinafter "the MeLampy et al . publication"). 

Claims 20, 21, 25, 26, and 27 stand rejected under 35 
U.S.C. 103(a) as being unpatentable over the Katz et al . 
publication in view of Patent Publication No. 20030195861 to 
McClure et al . (hereinafter "the McClure et al . 
publication" ) . 

Claim 30 stands rejected because it "does not include 
the limitations of the base claims present in the other 
proposed independent claims". 

As will be discussed below, none of the pending claims 
are anticipated or rendered obvious by the applied 
references . 
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II. Claims 1, 3, 7-9, and 13-17 are Patentable 



Claim 1 , as amended, recites the features [emphasis 
added] : 



A method of testing a firewall comprising : 

transmitting a signal, said signal being one 
of: a session initiation signal to initiate a 
communications session through said firewall and a 
session termination signal used to terminate an 
established communications session; and 

monitoring to determine from the time of the 
transmission of said signal one of: i) a port 
opening delay which occurs between a time of 
transmitting said signal, when said signal is a 
session initiation signal, and opening a port in 
said firewall for a communications session that is 
being initiated by said signal, and ii) a port 
closing delay which occurs between a time of 
transmitting said signal, when said signal is a 
session termination signal, and closing a port in 
said firewall as part of terminating an established 
communications session in response to said 
transmitted signal. 

The Katz et al . publication describes, at paragraph 

[0024] lines 1-5 (emphasis added) : 

"Referring to step 115, the client can measure the 
network latency between the client and the server. 
As defined herein, network, latency is an expression 
of how much time it takes a packet of data to get 
from one designated point to another." 

Further in the paragraph, at lines 13-15: 

"The round-trip network latency can be computed as 
the difference between the send time and the receive 
t ime . " 

Then, at paragraph [0028] , lines 8-11 (emphasis added) : 
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"The open port duration can be re-calculated with 
each new network latency measurement or when the 
network latency varies more than a predetermined 
percentage or amount . " 

The Examiner states on p . 4 of the Office Action that "A 
delay is defined as the time period between two events" . 
Applicant agrees with this definition. The question then 
becomes, "What are the two events?" The Examiner goes on to 
state "Namely, for the opening of a port event, the delay is 
the time period between a closed port state and an open port 
state". Again, Applicant agrees that this is one "delay" 
associated with a port opening (let's call this "Delay 1") . 

Next, the Examiner states: "The Katz prior art discloses 
a time calculation for opening a port and closing a port." 
The Katz et al . publication states: "In particular, the 
present invention provides a solution for dynamically varying 
the timing of port openings and closings according to a 
latency value to optimize the time duration that ports are 
open ([0013] lines 5-9)". The two events for "the time 
duration that ports are open" is the opening of the port and 
the closing of the port. Let's call this "Delay 2". Again 
in [0014], lines 7-8: "...the server can compute the open port 
duration". Still further, in [0027] lines 5-10 (emphasis 
added) : "Importantly, referring to decision block 13 0 and 
step 13 5, the network open port duration can be used to time 
port openings and closings so that the client and server 
remain synchronized until a communications session is 
complete. For example, the time a port is open can be 
monitored." Finally, in [0030] lines 1-7 (emphasis added): 
"In consequence, the port openings and closings can be timed 
using a dynamically changing open port duration to keep the 
port openings and closings optimized for the network 
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environment. For example, if the network becomes congested 
and network latencies begin to increase, a new open port 
duration can be computed and shared between the client and 
the server . " 

Another "delay" in the Katz et al . publication is 
"round-trip latency". It's defined in [0014] lines 5-7: 
"...the round-trip latency also can specify a time the client 
sends a request and a time the client receives a response to 
the request". Let's call this "Delay 3", where the two 
events are "sends a request" and "receives a response to the 
request" . 

Claim 1 recites delays which are different from those 
recited in the applied reference. Claim 1, as amended, 
recites : 

monitoring to determine from the time of the 
transmission of said signal one of: i) a port 
opening delay which occurs between a time of 
transmitting said signal, when said signal is a 
session initiation signal, and opening a port in 
said firewall for a communications session that is 
being initiated by said signal, and ii) a port 
closing delay which occurs between a time of 
transmitting said signal, when said signal is a 
session termination signal, and closing a port in 
said firewall as part of terminating an established 
communications session in response to said 
transmitted signal 

One of the delays recited in claim 1 is a "port opening 
delay" which occurs between the two events: "a time of 
transmitting said signal" and "opening a port in said 
firewall for a communications session that is being initiated 
by said signal". A second delay which is recited in claim 1 
is a "port closing delay" which occurs between the two 
events: "a time of transmitting said signal" and "closing a 



port in said firewall as part of terminating an established 
communications session in response to said transmitted 
signal" . 

The Examiner's "Delay 1" is not found in any of the 
references and is not found or recited in amended claim 1. 
Similarly, "Delay 2" and "Delay 3" cited by the Examiner are 
found in the Katz et al . publication, but NOT in claim 1. 
Further, the claim 1 "delays" are not found in the Katz et 
al . publication. There is no "session initiation signal" and 
no "session termination signal" disclosed in the Katz et al. 
publication. Further, measuring the time between 
"transmitting said signal" and "opening a port" is not taught 
or suggested in the Katz et al . publication (nor in any of 
the cited references) . Measuring the time between a "session 
termination signal" and "closing a port" is likewise not 
taught or suggested in the Katz et al . publication (nor in 
any other cited reference) . 

The Examiner states on p . 4 of the Office Action: "The 
Katz prior art discloses a time calculation for opening a 
port and closing a port. This time calculation includes a 
time delay portion calculation". This is true, but it is a 
description of "Delay 2" or "Delay 3", not the claim 1 
"delays". Delays 2 and 3 are in the Katz et al . publication, 
but not in claim 1 . 

The Examiner goes on to state: "Katz discloses the 
calculation of multiple types of delay and an opening and 
closing delay is well known in the art (see Katz paragraphs 
[0011] and [0012]: multiple types of delay)". It is of note 
that the Examiner acknowledges that there are "multiple types 
of delay" . Applicant again agrees that the Katz et al . 
publication teaches multiple delays ("Delay 2" and "Delay 3", 
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for example) . However, none of the cited art teaches or 

suggests the "delays" found in claim 1. 

On p. 4 of the Office Action, the Examiner states: 

"In order to adjust a value, the current state of a 
value namely the delay time (time period between 
closed and opened states or between opened and 
closed states) must first be determined, and then 
the value can be adjusted. The Katz prior art 
discloses the determination of a port opening time 
period and a port closing time period. The delay 
value is the time period for a transition from one 
state to the next state." 

It appears that the Examiner is again referring to 
"Delay 1". First, that is not the only delay involving 
opening or closing a port. Second, the "delay" referred to 
by the Examiner ("the time period for a transition from one 
state to the next state") is not measured or discussed in the 
Katz et al . publication (nor recited in claim 1) . 



On p. 4 of the Office Action the Examiner states: 

"The opening of a port is a communications 
initiation function and is the first signal to pass 
through a communications session interface, (see 
Katz paragraph [0014], lines 4-9; paragraph [0016], 
lines 5-10: time stamp communications processing; 
paragraph [0013], lines 5-9; paragraph [0030], lines 
1-4) . " 

However, the referenced passages refer to "round- trip 
latency", "open port duration", and the "time duration that 
ports are open" . These, again, are what we have called 
"Delay 2" and "Delay 3". Neither of these delay types is 
recited in claim 1 (and the recited "delays" in claim 1 are 
not found in the Katz et al . publication) . 
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For at least these reasons, claim 1 is patentable over 
the Katz et al . publication. 

Claim 3 , for at least the reason of being dependent on 
allowable claim 1, is therefore also patentable over the Katz 
et al . publication. 

Additionally, the Examiner states on p . 6 of the Office 
Action regarding claim 3 that the Katz et al . publication 
shows "port closing delay at [0014] lines 2-8 and/or [0024] 
lines 5-9". However, neither of these references mentions or 
describes "port closing delay", nor teach or suggest the 
features of claim 3 . 

Claim 7 recites the feature [emphasis added] : 

measuring a port closing delay time associated with 
the closing of said at least one port following the 
transmission of said signal to terminate said 
communications session 

As discussed above, the Katz et al . publication does not 
teach or suggest a port closing delay time, where the two 
events are a "signal to terminate said communications 
session" and a "port closing time" . 

Again, the Examiner states on p . 6 of the Office Action 
that the Katz et al . publication shows "measuring a port 
closing delay time associated with the closing of said at 
least one port following the transmission of said signal to 
terminate said communications session". However, as found in 
claim 7, the Katz et al . publication does not differentiate 
between a "signal to terminate said communications session" 
and "the closing of said at least one port"; therefore it 
doesn't teach or suggest measuring the time between these two 
events, and therefore doesn't teach or suggest "port closing 
delay time" . 
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For at least this reason, claim 7 is patentable over the 
Katz et al. publication. 

Claims 8, 9, and 13 , for at least the reason of being 
dependent on allowable claim 7, are therefore also patentable 
over the Katz et al . publication. 

Further, regarding claim 8, the Examiner states on p . 7 
of the Office Action that the Katz et al . publication shows 
"port closing delay determination at [0024] lines 5-9". This 
reference refers to network latency, not port closing delay. 

Claim 8 is additionally patentable over the cited 

reference as it recites the further feature: 

wherein said port closing delay is a time 
period which occurs between the time a signal used 
to cause the closing of the port is detected and 
said port ceases to allow communications signals to 
pass through from the first side of said firewall to 
the second side of said firewall 

Again, the Katz et al . publication discloses timing port 
openings and closings, whereas claim 8 discloses: a "port 
closing delay", which is further defined as: "a time period 
which occurs between the time a signal used to cause the 
closing of the port is detected and said port ceases to allow 
communications signals to pass through from the first side of 
said firewall to the second side of said firewall". 

There is no mention or suggestion in the Katz et al . 
publication of "determining when a signal to cause the 
closing of the port is detected", nor of the time that "said 
port ceases to allow communications signals to pass through", 
or to measure the time period between those two events. 

Further, there is no teaching or suggestion of 
"determining when a signal to cause the closing of the port 
is detected", nor of the time that "said port ceases to allow 
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communications signals to pass through", or to measure the 
time period between those two events. 

For at least these additional reasons, claim 8 is 
patentable over the cited reference. 

Regarding claim 9, the Examiner states on p. 7 of the 
Office Action that the Katz et al . publication discloses 
"test signals at [0024] lines 5-9". Applicant cannot find 
any reference to "test signals" in that cited passage. 

It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 
Katz et al . publication reference regarding claims 7, 8, 9, 
or 13 . 

Claim 14 recites the feature [emphasis added] : 

determining a time when said test signals 
first pass through said at least one port, said at 
least one port being opened in response to said 
signal to initiate a communications session; and 

determining a port opening delay which occurs 
in regard to opening a port in said firewall for 
said communications session from said determined 
time 

The Examiner cites the same passages in the Katz et al . 
publication regarding claims 14-17 as cited against claims 1, 
3, 7, 8, and 9. For the reasons given above in relation to 
those claims, claims 14-17 are patentable over the Katz et 
al . publication. 

Claims 15-17 , for at least the additional reason of 
being dependent on allowable claim 14, are also patentable 
over the Katz et al . publication. 
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It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 
Katz et al . publication reference. 

Ill . Claims 20, 21, and 25-27 are Patentable 

Claims 20, 21, 25, 26, and 27 stand rejected under 35 
U.S.C. 103(a) as being unpatentable over the Katz et. al . 
publication in view of the McClure et al . publication. 

Claim 20 recites the feature [emphasis added] : 

an analysis module for determining at least a port 
closing delay from a session signal time and a time 
probe signals are detected to stop passing through a 
port in said firewall corresponding to an initiated 
communications session. 

As discussed above, the Katz et al . publication does not 
teach or suggest "port closing delay", for any purpose, but 
certainly not by determining the time from "a session signal 
time" and a "time probe signals are detected to stop passing 
through a port" . 

The Examiner states on p . 11 of the Office Action that 
the Katz et al . publication discloses "detected to stop 
passing through a port in said firewall". However, the cited 
reference describes "network latency" ; not "port closing 
delay" as recited in claim 20. 

The Examiner goes on to cite the McClure et al. 
publication. However, the McClure et al . publication does not 
monitor "port closing delay". For example, at paragraph 0162, 
lines 3-5: "the ICMP scanning process sends 100 ICMP echo 
requests and monitors responses and time-outs." There is no 



determination of the time from "a session signal time" and a 
"time probe signals are detected to stop passing through a 
port" . 

The Examiner goes on to cite paragraph 0171, lines 1-4: 
"For each open TCP port located during the service discovery 
phase, a TCP data probe is sent to that port if the port is 
known to by typically associated with a particular service." 
Again, there is no timing of port delays. 

The Examiner next cites paragraph 0172, lines 1-4, which 
also doesn't teach or suggest determination of the time from 
"a session signal time" to a "time probe signals are detected 
to stop passing through a port". The cited portion states: 
"For each UDP port discovered during the service discovery 
phase, a similar UDP data probe is sent to each UDP port on 
the target computer known to be typically associated with a 
service." Sending a probe out will not result in a 
determination of "port opening delays" or "port closing 
delays", but will simply identify which ports are open or 
closed at any given time. 

Therefore, since neither the Katz et al . publication nor 
the McClure et al . publication teach or suggest the features 
of claim 20, no combination of the references could do so. 

For at least these reasons, claim 20 is patentable over 
the Katz et al. publication in conjunction with the McClure 
et al . publication. 

Claim 21 , for at least the reason of being dependent on 
allowable claim 20, is therefore also patentable over any 
combination of the cited references. 
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Claim 25 recites the feature [emphasis added] : 

a test signal analyzer for detecting probe 
signals passing through said first side of said 
firewall to said second side of said firewall and 
for determining port closing delays as measured from 
the time the test signal analyzer detects a signal 
used to close a port in said firewall and said 
analyzer ceases to detect test signals passing 
through said firewall . 

As discussed above, the Katz et al . publication does not 
teach or suggest "determining port closing delays" or 
measuring the "time the test signal analyzer detects a signal 
used to close a port in said firewall and said analyzer 
ceases to detect test signals passing through said firewall". 

Also as discussed above in relation to claim 20, there 
is no reference in the Katz et al . publication to "ceases to 
detect test signals passing through said firewall" (p. 13 of 
the Office Action) . 

The Examiner cites the McClure et al . publication in 
conjunction with the Katz et al . publication. As discussed 
above, the McClure et al . publication does not monitor "port 
closing delays". For example, at paragraph 0162, lines 3-5: 
"the ICMP scanning process sends 100 ICMP echo requests and 
monitors responses and time-outs." There is no determination 
of the time from "a session signal time" to a "time the test 
signal analyzer detects a signal used to close a port in said 
firewall and said analyzer ceases to detect test signals 
passing through said firewall". 

The Examiner goes on to cite paragraph 0171, lines 1-4: 
"For each open TCP port located during the service discovery 
phase, a TCP data probe is sent to that port if the port is 
known to by typically associated with a particular service." 
Again, there is no timing of port delays. 
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The Examiner next cites paragraph 0172, lines 1-4: "For 
each UDP port discovered during the service discovery phase, 
a similar UDP data probe is sent to each UDP port on the 
target computer known to be typically associated with a 
service." Sending a probe out will not result in a 
determination of "port opening delays" or "port closing 
delays", but will simply identify which ports are open or 
closed at any given time. 

For at least these reasons, claim 25 is patentable over 
the Katz et al . publication in conjunction with the McClure 
et al . publication. 

Claims 26 and 27 , for at least the reason of being 
dependent on allowable claim 25, are therefore also 
patentable over any combination of the cited references. 

IV. Claims 30-32 are Patentable 

Claim 30 recites the features [emphasis added] : 

transmitting session termination signals 

used to control the termination of communications 
sessions through said firewall at an increasing 
rate; and 

measuring the effect of the increasing rate of 
session termination signals on port closing delays 

associated with the termination of communications 
sessions through said firewall. 

The Examiner does not state any specific references for 
rejecting claim 30. However, in a previous Office Action, 
the Examiner cited paragraph 0013, lines 5-9 to support 
"transmitting session signals at an increasing rate". 
However, the citation reads: "In particular, the present 
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invention provides a solution for dynamically varying the 
timing of port openings and closings according to a latency 
value to optimize the time duration that ports are open" . 
There is no mention of "transmitting session termination 
signals ...at an increasing rate" or of "measuring the effect 
of the increasing rate" on "port closing delays". The 
reference is to change the duration of port openings. 

The Examiner goes on to cite paragraph 0030, lines 1-4 
[emphasis added] : "In consequence, the port openings and 
closings can be timed using a dynamically changing open port 
duration to keep the port openings and closings optimized for 
the network environment". Again, there is no mention of 
"transmitting session termination signals ...at an increasing 
rate" or of "measuring the effect of the increasing rate" on 
"port closing delays". The reference is to change the 
duration of port openings . 

The Examiner goes on to cite paragraph 0034, lines 1-5 
(see citation above), which refers to "monitoring network 
latency" to "dynamically adjust the open port duration". 
There is no mention of "transmitting session termination 
signals ...at an increasing rate" or of "measuring the effect 
of the increasing rate" on "port closing delays". 

For at least these reasons, claim 30 is patentable over 
the Katz et al. publication. 

Claims 31-32 , for at least the reason of being dependent 
on allowable claim 30, are therefore also patentable over the 
Katz et al. publication. 

Regarding claim 31, the Examiner refers on p. 9 of the 
Office Action to [0024] lines 5-9, and [0025] lines 7-9. 
These refer to "network latency", not to "determining the 
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session signal rate which results in a maximum acceptable 
port closing delay being exceeded" . 

It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 
Katz et al . publication reference. 

V. Conclusion 

In view of the foregoing amendments and remarks, it is 
respectfully submitted that the pending claims are in 
condition for allowance 1 . Accordingly, it is requested that 
the Examiner pass this application to issue. 

If there are any outstanding issues which need to be 
resolved to place the application in condition for allowance 
the Examiner is requested to call (732-542-9070) and schedule 
an interview with Applicant's undersigned representative. To 

the extent necessary, a petition for extension of time under 
37 C.F.R. 1.13 6 is hereby made and any required fee in regard 
to the extension or this amendment is authorized to be 
charged to the deposit account of Straub & Pokotylo, deposit 
account number 50-1049. 

None of the statements or discussion made herein are 
intended to be an admission that any of the applied 
references are prior art to the present application and 
Applicants preserve the right to establish that one or more 
of the applied references are not prior art. 



' As Applicant's remarks with respect to the Examiner's rejections are sufficient to overcome these rejections, 
Applicant's silence as to assertions by the Examiner in the Office Action or certain requirements that may be 
applicable to such rejections (e.g., whether a reference constitutes prior art, ability to combine references, 
assertions as to patentability of dependent claims) is not a concession by Applicant that such assertions are 
accurate or such requirements have been met, and Applicant reserves the right to analyze and dispute such in 
the future. 
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Respectfully submitted, 



December 23, 2008 



Michael P. Straub Attorney 
Reg. No. 36,941 
Tel.: (732) 936-1400 
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